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(54) Data storage device and control method therefor 

(57) It is provided a data storage device which reads 
data from and/or writes data to a memory medium, 
comprising: a storage unit for storing a first identifier; an 
identifier acquisition unit for acquiring a second identi- 
fier recorded on a memory medium which is set to said 
data storage device; and a controller for comparing said 
first identifier with said second identifier, and controlling 
to access to said memory medium for data reading 
and/or writing according to a relationship between said 
first identifier and said second identifier. For example, 
when the first identifier does not match the second iden- 
tifier, the controller inhibits access to the memory 
medium for the reading and writing of data But when 
the first and the second identifiers match, the controller 
permits access to the memory medium for the reading 
and writing of data. Since the storage device having an 
identifier which differs from the identifier recorded on 
the memory medium inhibits access to the memory 
medium for the reading and writing of data, the secrecy 
of data recorded on the memory medium is ensured. 



FIG. 5 

( START ) 



S101 



Insert medium 



S102 



Start medium loading proceaa 

± S UB 
I Read medium information 



SI 04 

I security Information in locurity area | 




S105 



SI 08 



S107 



. S108 



1 



EP 0 930 616 A2 



2 



Description 

BACKGROUND OF THE INVENTION 
Field of the Invention 

[0001 ] The present invention relates to a data storage 
device for recording data on a memory medium, such 
as a magneto-optical disk, and in particular to a data 
storage device which ensures the secrecy and the 
security of recorded data. 

Related Arts 

[0002] Generally, a data writable memory medium, 
such as a magneto-optical disk (MO), can be inserted 
into or removed from a data storage device (hereinafter 
simply referred to as a storage device) which reads and 
writes predetermined data from and to. When a memory 
medium is loaded into the storage device, operational 
control for the storage device is provided by commands 
issued by a superior apparatus, such as a personal 
computer connected to the storage device by a SCSI 
cable. 

[0003] Conventionally, by taking compatibility into 
account, reading data from and writing data to a mem- 
ory medium can also be performed by a storage device 
other than the device which was originally employed for 
writing data. 

[0004] Rg. 28 is a flowchart for a data reading/writing 
process performed by a conventional storage device. 
After a memory medium is set to (for example, inserted 
into) the storage device at step S1, at step S2 the 
medium is loaded. That is, the memory medium is posi- 
tioned at a predetermined location within the storage 
device and is rotated at a controlled revolution rate. At 
step S3, predetermined data relevant to the memory 
medium, such as its configuration and its memory 
capacity, are read, and at step S4 the reading and writ- 
ing of data is enabled by the employment of an opera- 
tion or a process procedure based on data 
corresponding to that for the memory medium. 
[0005] Therefore, a problem has arisen in that once a 
memory medium has been acquired, secret data 
recorded on the memory medium, such as the contents 
of a client database or design data, can easily be stolen 
or altered. 

SUMMARY OF THE INVENTION 

[0006] It is, therefore, one objective of the present 
invention to provide a data storage device that ensures 
the secrecy and the security of data recorded on a 
memory medium. 

[0007] To achieve the above objective, according to 
the present invention, it is provided a data storage 
device which reads data from and/or writes data to a 
memory medium, comprises: 



a storage unit for storing a first identifier; 
an identifier acquisition unit for acquiring a second 
identifier recorded on a memory medium which is 
set to said data storage device; and 
5 a controller for comparing said first identifier with 
said second identifier, and controlling to access to 
said memory medium for data reading and/or writ- 
ing according to a relationship between said first 
identifier and said second identifier. 

10 

[0008] For example, when the first identifier recorded 
in the storage unit does not match the second identifier 
recorded on the memory medium, the controller inhibits 
access to the memory medium for the reading and writ- 

is ing of data. But when the first and the second identifiers 
match, the controller permits access to the memory 
medium for the reading and writing of data. 
[0009] As described above, since the storage device 
having an identifier which differs from the identifier 

20 recorded on the memory medium inhibits access to the 
memory medium for the reading and writing of data, the 
secrecy of data recorded on the memory medium is 
ensured. 

[001 0] Read address information to be used to control 
25 reading of data and/or write address information to be 
used to control writing of data are stored in a predeter- 
mined area on the memory medium. When the first 
identifier matches the second identifier, the controller 
may permit or inhibit the reading and/or writing of data 
30 according to the read address information and/or the 
write address information respectively. 
[0011] In addition, to achieve the above objective, 
according to the present invention, it is provided a data 
storage device which reads data from and/or writes data 
35 to a memory medium by designating first address infor- 
mation, comprises: 

a storage unit for storing a first identifier; 

an identifier acquisition unit for acquiring a second 

40 identifier recorded in a memory medium which is 
set to said data storage device; 
an address information acquisition unit for acquiring 
second address information recorded in said mem- 
ory medium; and 

45 a controller for comparing said first identifier with 
said second identifier and said first address infor- 
mation with said second address information, and 
controlling to access to said memory medium for 
data reading and/or writing according to a relation- 

50 ship between said first identifier and said second 
identifier and a relationship between said first 
address information and said second address infor- 
mation. 

55 [001 2] The first identifier and the second identifier are 
identifiers inherent to a data storage device or identifiers 
inherent to a memory medium. For example, the identi- 
fier inherent to a data storage device or memory 
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medium is a serial number of a data storage device or a 
memory medium. 

{001 3] Thus. Security can be established for each of a 
plurality of data items recorded on a memory medium. 
[0014] Read address information to be used to control s 
reading of data and/or write address information to be 
used to control writing of data are stored in a predeter- 
mined area on the memory medium. When the first 
identifier matches the second identifier and the second 
address information is included in the first address infer- w 
mation, the controller may permit or inhibit the reading 
and/or writing of data according to the read address 
information and/or the write address information 
respectively. 

[001 5] in this structured data storage device, the con- 15 
trailer records the second identifier, the read address 
information, the write address information, or the sec- 
ond address information in the predetermined area 
based on a predetermined setup command which is 
transmitted by a control device of a data storage device 20 
connected to the data storage device. 
[001 6] A predetermined setup command is, for exam- 
ple, a SCSI interface format command or a vender 
unique command. 

[0017] Further, it is preferable that the controller can 25 
initialize a predetermined area based on a predeter- 
mined release command, which is transmitted from the 
control device of a data storage device connected to the 
data storage device. 

[001 8] Other features and advantages of the present 30 
invention will become readily apparent from the follow- 
ing description when taken in conjunction with the 
accompanying drawings. 

PRIEF PESCPIPTIQN OF THE PRAW1NQS 35 

[001 9] The accompanying drawings, which are incor- 
porated in and constitute a part of the specification, 
illustrate presently preferred embodiments of the inven- 
tion, and together with the general description given 40 
above and the detailed description of the preferred 
embodiments given below, serve to explain the principle 
of the invention, in which: 

Fig. 1 is a block diagram illustrating a data storage 45 
device according to embodiments of the present 
invention; 

Fig. 2 is a diagram showing an example layout for a 
format for a magneto-optical disk; 
Fig. 3 is a diagram showing the structure of a CDB 50 
for a security setup command that employs a ven- 
dor unique command; 

Fig. 4 is a diagram showing the structure of a CDB 
for a format command the security level of which is 
designated; 55 
Fig. 5 is a flowchart for security process performed 
according to a first embodiment of the present 
invention; 



Figs. 6A and 6B are diagrams depicting the struc- 
tures of a parameter header and a level descriptor; 
Figs. 7A and 7B are diagrams in each of which is 
shown the structure of a parameter field for a level 
descriptor; 

Fig. 8 is a flowchart for the security process per- 
formed according to a second embodiment of the 
present invention; 

Fig. 9 is a flowchart for the security process per- 
formed according to a third embodiment of the 
present invention; 

Fig. 10 is a flowchart for the security process per- 
formed according to a fourth embodiment of the 
present invention; 

Fig. 1 1 is a flowchart for the security process per- 
formed according to a fifth embodiment of the 
present invention; 

Fig. 12 is a flowchart for the security process per- 
formed according to a sixth embodiment of the 
present invention; 

Fig. 13 is a flowchart for the security process per- 
formed according to a seventh embodiment of the 
present invention; 

Fig. 14 is a flowchart for the security release proc- 
ess; 

Fig. 15 is a flowchart for the memory medium load- 
ing process performed when security information is 
encoded; 

Fig. 16 is a flowchart for the memory medium load- 
ing process performed when security information is 
encoded and a password is set; 
Fig. 17 is a flowchart for recording process of the 
medium identifier to the storage device; 
Fig. 1 8 is a flowchart for security process performed 
according to an eighth embodiment of the present 
invention; 

Fig. 19 is a flowchart for the security process per- 
formed according to a ninth embodiment of the 
present invention; 

Fig. 20 is a flowchart for the security process per- 
formed according to a tenth embodiment of the 
present invention; 

Fig. 21 is a flowchart for the security process per- 
formed according to an eleventh embodiment of the 
present invention; 

Fig. 22 is a flowchart for the security process per- 
formed according to a twelfth embodiment of the 
present invention; 

Fig. 23 is a flowchart for the security process per- 
formed according to a thirteenth embodiment of the 
present invention; 

Fig. 24 is a flowchart for the security process per- 
formed according to a fourteenth embodiment of 
the present invention; 

Fig. 25 is a flowchart for the security release proc- 
ess in the another embodiments; 
Fig. 26 is a flowchart for the memory medium load- 
ing process performed when security information is 
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encoded in the another embodiment; 
Fig. 27 is a flowchart for the memory medium load- 
ing process performed when security information is 
encoded and a password is set in the another 
embodiment; and 5 
Fig. 28 is a flowchart showing the conventional 
process performed when accessing a memory 
medium in the another embodiment. 

DETAILED DESCRIPTION OF THE PREFERRED 10 
EMBODIMENTS 

[0020] The preferred embodiments of the present 
invention will now be described while referring to the 
accompanying drawings. However, the technical scope is 
of the present invention is not limited to these embodi- 
ments. The same reference numerals or device identifi- 
ers are used to denote corresponding or identical 
components in the drawings. 

[0021 ] In the embodiment of the present invention, a 20 
magneto-optical disk (MO) is employed as a memory 
medium (hereinafter referred to as a medium) for 
recording data, but the medium that can be employed is 
not thereby limited, and another exchangeable memory 
disk, such as a magnetic disk, a floppy disk, an optical 25 
disk or a phase change optical disk may be employed. 
[0022] Fig. 1 is a schematic block diagram illustrating 
a magneto-optical disk device according to the present 
invention. In Fig. 1, a magneto-optical disk device 1 is 
connected via a SCSI interface to a personal computer 30 
2, which is a superior apparatus. 
[0023] The magneto-optical disk device 2 comprises 
a mechanism controller 10, for performing writing data 
to and reading data from a magneto-optical disk, and a 
control unit which includes a magneto-optical disk con- 35 
trailer (ODC) which employs firmware to implement a 
method according to the present invention. 
[0024] The control unit further includes an MPU 12, 
which controls the entire magneto-optical disk device 1 ; 
a D-RAM 13, which is a read/write buffer memory; a 40 
DSP 14, for performing positioning; a write data ampli- 
fier 14; a read data amplifier 16; an AGC amplifier 17; a 
head drive power amplifier 18; and a disk rotation motor 
controller 19. 

[0025] The mechanism controller 10 includes a head as 
sensor 100, a data reading/writing laser diode 101 , and 
a detector 102 for detecting the inclination of a head. 
Further, the mechanism controller 10 includes a focus 
actuator 103, which is controlled by the head drive 
power amplifier 18; a track actuator 104; a disk ejection so 
motor 105; a head drive voice coil motor 106; and a 
spindle motor 107, which is controlled by the motor con- 
troller 19 for rotating a disk. 

[0026] When an operator enters an instruction at a 
keyboard 3 of the personal computer 2, a SCSI com- ss 
mand is transmitted by the computer 2 to the magneto- 
optical disk controller (ODC) 11 to initiate the writ- 
ing/reading of data. Connected to the computer 2 is a 



display 4 on which-data are displayed. 
[0027] The magneto-optical disk controller (ODC) 1 1 , 
which is provided with flash ROM for the storage of 
firmware, has an analysis function for analyzing SCSI 
commands received from the computer 2, and a coordi- 
nation function for interacting with the MPU 12, in 
response to a SCSI command, to provide data writ- 
ing/reading control of the mechanism controller 10. 
[0028] The present invention -can be applied not only 
for a SCSI command system but also for another com- 
mand system, such as an ATA/ATAPI/SASI command 
system. 

[0029] Fig. 2 is a diagram showing an example layout 
of a disk format for a magneto-optical disk (MO), i.e., the 
arrangement of areas on a medium as specified by the 
ISO standards established for 3.5 inch magneto-optical 
disk cartridges. As is shown in Fig. 2, in a range extend- 
ing from a radius of 23.72 mm from the center of the MO 
disk to a radius of 41 .00 mm is a data area in which user 
data can be recorded. The inside and the outside areas 
in the radial direction are medium information manage- 
ment areas in which are stored various medium infor- 
mation, such as the type and the structure of a medium. 
[0030] In the preferred embodiments of the present 
invention, an additional security area is provided in the 
medium information management area, and recorded 
as security information in the security area is a device 
identifier inherent to a magneto-optical disk device 
(hereinafter referred to as a storage device), such as a 
serial number. Or alternately, areas for manufacturers in 
an inner test zone and an outer test zone or a buffer 
zone in Fig. 2 may be employed as security areas. 
[0031] When a magneto-optical disk in which the 
device identifier is recorded is inserted into a specific 
storage device, data reading/writing control is provided 
in accordance with the relationship between the device 
identifier of the storage device and the device identifier 
recorded in the medium. For example, only when the 
two identifiers match, the reading/Writing of data is per- 
mitted. In other words, since a storage device whose 
device identifier differs from that recorded in a medium 
inhibits the reading/Writing of data from/to the medium, 
the secrecy of data can be maintained. 
[0032] The writing in a medium of the device identifier 
is performed by the magneto-optical disk controller 
(ODC) 11 of a storage device in accordance with a 
security setup command received from a superior appa- 
ratus. Fig. 3 is a diagram showing an example CDB 
(Command Descriptor Block) for a security setup com- 
mand which is transmitted from the personal computer 
2 to the storage device 1 . The security setup command 
in Fig. 3 is prepared by using a vender unique command 
for the SCSI interface. As is described above, the secu- 
rity setup data, according to which medium access is 
permitted only when the device identifier recorded in a 
medium matches the device identifier of a storage 
device, are set to the security level of the security setup 
command. 
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[0033] The security level may be designated in 
accordance with a normal format command, instead of 
the security setup command being set by using the 
vender unique command. Fig. 4 is a diagram showing 
an example CDB for a format command for which the 5 
security level is set by using the SCSI command. 
[0034] When the magneto-optical disk controller 
(ODC) 1 1 of the storage device 1 receives a security 
setup command or a format command, the security level 
of which has been set, the disk controller 1 1 writes 10 
(records) the device identifier of the storage device in a 
pre-designated security area on the loaded medium. As 
a result, the security information is recorded in the 
medium. The device identifier of the storage device is 
stored in the flash ROM provided for the magneto-opti- is 
cal disk controller (ODC) 1 1 . 
[0035] Fig. 5 is a flowchart for the security process, 
performed by the above described storage device 1, 
according to a first embodiment of the present inven- 
tion. The security process, which will be explained 20 
below, is performed by the magneto-optical disk control- 
ler (ODC) 1 1 of the storage device 1 . 
[0036] In Fig. 5, when a medium is set to (for example, 
inserted into) the storage device 1 at step S101, the 
medium is loaded at step S102. That is, the medium is 25 
positioned at a predetermined location within the stor- 
age device 1 , and is rotated at a specific rotation rate. At 
step S103, data in the medium information manage- 
ment area on the medium are read, and at step S104, 
the security information (device identifier) recorded in 30 
' the security area are read. 

[0037] At step S105, a check is performed to deter- 
mine whether the security area is in the initial state. 
When the security area is in the initial state, i.e., when 
no device identifier has been recorded in the security 35 
area, the process then advances to step S1 08, whereat 
the reading of data from the medium and the writing of 
data to it are permitted. It is assumed that the security 
level has not yet been set. 

[0038] If, at step S1 05, the device identifier has been 40 
recorded in the security area, i.e., if the security level 
has been set, at step S106, the device identifier 
recorded on the medium is compared with the device 
identifier of the storage device 1 in which the medium is 
currently loaded in order to determine whether the two 45 
device identifiers match. 

[0039] When the two device identifiers match, the 
» process then advances to step S 1 08, whereat the secu- 
rity is released and the reading of data from the medium 
and the writing of data to it are permitted. so 
[0040] When at step S106, the two device identifiers 
do not match, the security is not released and the read- 
ing/writing of data is inhibited (step S107). 
[0041] As described above, in this embodiment, the 
security area in which the device identifier of a storage 55 
device is recorded is provided for the medium informa- 
tion management area. When the medium is loaded into 
the storage device and when the device identif ier of the 



storage device does not match the device identifier 
recorded in the medium, the reading and writing of data 
is inhibited. Thus, even though the medium has been 
stolen, the secrecy of the data recorded in the medium 
can be maintained. 

[0042] To enhance the security, it is preferable that a 
further security function is prepared in addition to the 
above security information. 

[0043] Thus, read address information and write 
address information are recorded in the parameter head 
of a parameter, which is designated by the security 
setup command (Fig. 3) or the format command (Fig. 4) 
for which the security level has been set. Figs. 6A and 
6B are diagrams showing an example structure for a 
parameter designated by the above command. The 
parameter is constituted by a parameter head shown in 
Fig. 6A and a level descriptor shown in Fig. 6B. The 
read and write address information is recorded in the 
parameter head in Fig. 6A. The level descriptor in Fig. 
6B consists of a header of two bytes and a succeeding 
parameter field. The parameter field is divided into units 
called pages, for individual function attributes. 
[0044] If, for example, the read address information 
has been designated, the reading of data is inhibited 
even when the device identifiers match. If the read 
address information has not been set, the reading of 
data is permitted. 

[0045] If the write address information has been des- 
ignated, the writing of data can be inhibited even when 
the device identifiers match. If the write address infor- 
mation has not been set, the writing of data is permitted. 
The read address information and the write address 
information are recorded in the security area at the 
same time when the device identifier of the storage 
device is recorded in the security area. 
[0046] When the read address information or the write 
address information has been set, the reading or writing 
of data is inhibited, which is inconvenient. Therefore, 
preferably, if the read address information or the write 
address information has been set, a predetermined 
password is also set, so that when a password is input, 
the reading or writing of data can be enabled even 
though the address information has been set. In addi- 
tion, when a predetermined password has been set, 
regardless of whether the read or write address infor- 
mation has been set, and when reading and writing are 
permitted if the both of the device identifiers and the 
passwords match, a double level of security can be 
established and the secrecy of data can be enhanced. 
[0047] The password is recorded in the level descrip- 
tor in the parameter. Fig. 7A is a diagram showing a 
page for a password in the parameter field (see Fig. 6B) 
of the level descriptor. When the security is set up, the 
password is recorded to the security area of the medium 
together with the address information. Fig. 7B is a dia- 
gram showing pages, in the parameter field of the level 
descriptor, designated for a logical block address (LBA), 
which will be described later. 
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[0048] Fig. 8 is a flowchart for the security process 
performed according to a second embodiment of the 
present invention. In the second embodiment, the read 
address information is recorded in the above described 
parameter head. Since steps S201 to S205 in Fig. 8 cor- 5 
respond to steps S101 to S1 05 in Fig. 5, no explanation 
for them will be given. 

[0049] When, at step S205, the security area is in the 
initial state, it is assumed that the security information 
has not yet been set, and the process advances to step 10 
S21 1 , whereat the reading of data from the medium and 
writing of data to the medium are permitted. If, at step 

5205, the security information has been set, at step 

5206, the device identifier recorded on the medium is 
compared with the device identifier of a storage device is 
into which the medium has currently been loaded to 
determine whether the two device identifiers match. 
When the device identifiers do not match, the security is 
not released, and the reading and writing of data are 
inhibited (step S207). 20 
[0050] When the two device identifiers match, the 
process advances to step S208, whereat a check is per- 
formed to determine whether reading in accordance 
with the read address information is permitted. When 
read address information has not yet been set, the proc- 25 
ess advances to step S209, whereat the reading of data 

is enabled but the writing of data is inhibited. That is, 
even though data stored on the medium can be read 
and the contents can be examined, the writing of data, 
such as the altering of data, is not enabled. When the 30 
Write address information has been set, the process 
advances to step S210, whereat both the reading and 
the writing of data are inhibited. 
[0051 ] Fig. 9 is a flowchart showing the security proc- 
ess performed according to a third embodiment of the 35 
present invention. In this embodiment the write address 
information is set in the parameter header. Since steps 
S301 to S305 in Fig. 9 correspond to steps S101 to 
S105 in Fig. 5, no explanation for them will be given. 
[0052] When, at step S305, the security area is in the 40 
initial state, it is assumed that the security information 
has not yet been set and the process advances to step 
S31 1 , whereat the reading of data from the medium and 
the writing of data to the medium are permitted. If, at 
step S305, the security information has been set, at 45 
step S306, the device identifier recorded on the medium 
is compared with the device identifier of the storage 
device into which the medium has currently been 
loaded to determine whether the two device identifiers 
match. When the device identifiers do not match, the so 
security are not released, and the reading and the writ- 
ing of data are inhibited (step S307). 
[0053] When the two device identifiers match, the 
process advances to step S308, whereat a check is per- 
formed to determine whether writing in accordance with ss 
the write address information is permitted. When the 
write address information has not yet been set, the 
process advances to step S309, whereat the writing of 



data is permitted but the reading of data is inhibited. 
That is, even though new data can be created, the data 
stored on the medium can not be read. When the write 
address information has been set, the process 
advances to step S310, whereat both the reading and 
the writing of data are inhibited. 
[0054] Fig. 10 is a flowchart showing the security 
process performed according to a fourth embodiment of 
the present invention. In this embodiment, both the read 
address information and the write address information 
are set in the parameter header. Since steps S401 to 
S405 in Fig. 10 correspond to steps S101 to S105 in 
Fig. 5, no explanation for them will be given. 
[0055] When, at step S405, the security area is in the 
initial state, it is assumed that the security information 
has not yet been set, and the process advances to step 
S415, whereat the reading of data from the medium and 
writing of data to the medium are permitted. If, at step 

5405, the security information has been set, at step 

5406, the device identifier recorded on the medium is 
compared with the device identifier of the storage 
device into which the medium has currently been 
loaded to determine whether the two device identifiers 
match. When the device identifiers do not match, the 
security is not released, and the reading and the writing 
of data are inhibited (step S407). 

[0056] When the two device identifiers match, the 
process advances to step S408, whereat a check is per- 
formed to determine whether reading in accordance 
with the read address information is permitted. When 
the read address information has not yet been set, the 
process advances to step S409, whereat a check is per- 
formed to determine whether writing in accordance with 
the write address information is permitted. When the 
write address information has not yet been set, at step 
S410 both the reading and the writing of data are ena- 
bled. If, at step S409, the write address information has 
been set, at step S41 1, the reading of data is enabled 
and the writing of data is inhibited. 
[0057] If, at step S408, the read address information 
has been set, the process advances to step S412, 
whereat, as well as at step S409, a check is performed 
to determine whether writing in accordance with the 
write address information is permitted. When the write 
address information has not yet been set, at step S413, 
the writing of data is permitted but the reading of data is 
inhibited. If, at step S412, the write address information 
has been set, at step S414 t both the reading and the 
writing of data are inhibited. 
[0058] In above described embodiments, the security 
is set to all data stored in the medium is read. But it is 
preferable to set the security to a part of the data, 
because a part of the data needs to be set the security. 
[0059] Therefore, when the security information is 
recorded to the medium, a logical block address (LBA) 
for data for which the security is to be set is designated 
to the level descriptor for the parameter in Fig. 6. More 
specifically, an LBA designation page to designate data 
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for which the security is to be set is provided for the 
parameter field in the level descriptor (see Fig. 7B). As 
is shown in Fig. 7B, a single data LBA (security LBA) for 
setting the security is designated which has, for exam- 
ple, a length of three bytes. The data for the security 5 
LBA are recorded in the security area at the same time 
as the device identifier of the storage device is recorded 
in the security area. 

[0060] Fig. 1 1 is a flowchart for the security process 
performed according to a fifth embodiment of the 10 
present invention. In the fifth embodiment, as well as in 
the second embodiment, the security LBA is set when 
the read address information is set. Since steps S501 to 
S505 in Fig. 11 correspond to steps S101 to S105 in 
Fig. 5, no explanation for them will be given. 15 
[0061 ] When, at step S505, the security area is in the 
initial state, it is assumed that the security information 
has not yet been set and the process advances to step 
S516, whereat the reading of data from the medium and 
the writing of data to the medium are permitted. If, at 20 
step S505, the security information has been set, at 
step S506, the device identifier recorded on the medium 
is compared with the device identifier of the storage 
device into which the medium has currently been 
loaded to determine whether the two device identifiers 25 
match. When the device identifiers do not match, at step 
S507, a check is performed to determine whether a 
security LBA has been designated in the security area. 
When a security LBA has not been designated, the 
reading and the writing of data are inhibited (step 30 
S508). 

[0062] If, at step S507, a security LBA has been des- 
ignated, at step S509, a check is performed to deter- 
mine whether the LBA for the data that are being 
accessed has been included in the security LBA. if the 35 
LBA for the data has been included in the security LBA, 
the process advances to step S510, whereat the read- 
ing of data and the writing of data are inhibited. 
[0063] If the LBA for the data has not been included, 
the process advances to step S51 1 , whereat the read- 40 
ing of data and the writing of data are permitted. 
[0064] When, at step S506, the two device identifiers 
match, at step S512, a check is performed to determine 
whether the LBA for the data that are being accessed 
has been included in the security LBA. If the LBA for the 45 
data has been included in the security LBA, the process 
advances to step S51 3, whereat a check is performed to 
determine whether reading in accordance with read 
address information is enabled. 

[0065] When the read address information has not yet so 
been set, the process advances to step S514, whereat 
the reading of data is permitted but the writing of data is 
inhibited. That is, though data stored on the medium 
can be read and the contents can be examined, the writ- 
ing of data, such as the altering of data, is not enabled. 55 
When the read address information has been set, the 
process advances to step S515, whereat both the read- 
ing and the writing of data are inhibited. 



[0066] If, at step S51 2, the LBA for the data that are 
being accessed has not been included in the security 
LBA, the process advances to step S516, whereat the 
reading of data and the writing of data are permitted. 
[0067] Fig. 12 is a flowchart for the security process 
performed according to a sixth embodiment of the 
present invention. In the sixth embodiment, as well as in 
the third embodiment, the security LBA is set when the 
write address information is set. Since steps S601 to 
S605 in Fig. 12 correspond to steps S101 to S105 in 
Fig. 5, no explanation for them will be given. 
[0068] When, at step S605, the security area is in the 
initial state, it is assumed that the security information 
has not yet been set and the process advances to step 
S616, whereat the reading of data from the medium and 
the writing of data to the medium are permitted. If, at 
step S605, the security information has been set, at 
step S606, the device identifier recorded on the medium 
is compared with the device identifier of the storage 
device, into which the medium has currently been 
loaded to determine whether the two device identifiers 
match. When the device identifiers do not match, at step 
S607, a check is performed to determine whether the 
security LBA has been designated in the security area. 
When the security LBA has not been designated, the 
reading and the writing of data are inhibited (step 
S608). 

[0069] If, at step S607, the security LBA has been 
designated, at step S609, a check is performed to deter- 
mine whether the LBA for the data that are being 
accessed has been included in the security LBA. If the 
LBA for the data has been included in the security LBA, 
the process advances to step S610, whereat the read- 
ing of data and the writing of data are inhibited. 
[0070] If the LBA for the data has not been included, 
the process advances to step S61 1, whereat the read- 
ing of data and the writing of data are permitted. 
[0071 ] When, at step S606, the two device identifiers 
match, at step S612, a check is performed to determine 
whether the LBA for the data that are being accessed 
has been included in the security LBA. If the LBA for the 
data has-been included in the security LBA, the process 
advances to step S61 3, whereat a check is performed to 
determine whether writing in accordance with the write 
address information is enabled. 
[0072] When the write address information has not yet 
been set, the process advances to step S614, whereat 
writing of data is permitted but the reading of data is 
inhibited. That is, though the creation of new data is per- 
mitted, the reading of data from the medium is inhibited. 
When the write address information has been set, the 
process advances to step S61 5, whereat both the read- 
ing and the writing of data are inhibited. 
[0073] If, at step S612, the LBA for the data that are 
being accessed has hot been included in the security 
LBA, the process advances to step S616, whereat the 
reading of data and the writing of data are permitted. 
[0074] Fig. 13 is a flowchart for the security process 
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performed according to a seventh embodiment of the 
present invention. In the seventh embodiment, as well 
as in the third embodiment, the security LBA is set when 
the read address information and the write address 
information are set. Since steps S701 to S705 in Fig. 13 5 
correspond to steps S101 to S105 in Fig. 5, no explana- 
tion for them will be given. 

[0075] When, at step S705, the security area is in the 
initial state, it is assumed that the security information 
has not yet been set and the process advances to step 10 
S720, whereat the reading of data from a medium and 
the writing of data to the medium are permitted. If, at 
step S705, the security information has been set, at 
step S706, the device identifier recorded on the medium 
is compared with the device identifier of the storage 15 
device into which the medium has currently been 
loaded in order to determine whether the two device 
identifiers match. When the device identifiers do not 
match, at step S707, a check is performed to determine 
whether the security LBA has been designated in the 20 
security area. When the security LBA has not been des- 
ignated, the reading and the writing of data are inhibited 
(stepS708). 

[0076] If, at step S707, the security LBA has been 
designated, at step S709, a check is performed to deter- 25 
mine whether the LBA for the data that are being 
accessed has been included in the security LBA. If the 
LBA for the data has been included in the security LBA, 
the process advances to step S710, whereat the read- 
ing of data and the writing of data are inhibited. 30 
[0077] If the LBA for the data has not been included, 
the process advances to step S71 1 , whereat the read- 
ing of data and the writing of data are permitted. 
[0078] When, at step S706, the two device identifiers 
match, at step S71 2, a check is performed to determine 35 
whether the LBA for the data that are being accessed 
has been included in the security LBA. If the LBA for the 
data has been included in the security LBA, the process 
advances to step S71 3, whereat a check is performed to 
determine whether reading in accordance with the read 40 
address information is enabled. When the read address 
information has not yet been set, the process advances 
to step S714, whereat a check is performed to deter- 
mine whether writing in accordance with the write 
address information is enabled. When the write address 45 
information has not yet been set, the process advances 
to step S715, whereat both the reading and the writing 
of data are permitted. When, at step S715, the write 
address information has been set, at step S716 the 
reading of data is permitted but the writing of data is so 
inhibited. 

[0079] If, at step S713, the read address information 
has been set, the process advances to step S717, 
whereat a check is performed to determine whether 
writing in accordance with the write address information 55 
is enabled. When the write address information has not 
yet been set, at step S718, the writing of data is permit- 
ted but the reading of data is inhibited. When, at step 



S717, the write address information has been set, at 
step S719, both the reading and the writing of data are 
inhibited. If, at step S712, the LBA for the data that are 
being accessed has not been included in the security 
LBA, the process advances to step S720, whereat the 
reading of data and the writing of data are permitted. 
[0080] Fig. 14 is a flowchart for the security release 
process performed to release the security setup state in 
which the above described various security processes 
are performed. 

[0081 ] First, at step S801 a security release command 
is transmitted from the computer 2 to the storage device 
1. As well as the security setup command transmitted, 
the security release command is constituted by using 
the vender unique command at a SCSI interface. 
[0082] At step S802, the address information in the 
security area are read, and at step S803 a check is per- 
formed to determine whether there are security informa- 
tion in the security area. When security information has 
been recorded in the security area, the process 
advances to step S804, whereat the device identifier 
included in the security area is compared with the 
device identifier of the storage device into which the 
medium has been loaded. When the two device identifi- 
ers match, a predetermined initial value is recorded in 
the security area to return the area to the initial state (to 
initialize the area) (step S805). 
[0083] When the device identifiers do not match, or 
when no security information is recorded in the security 
area, the security release process is not performed. 
[0084] Although not shown in the above flowchart, 
when the security information include a password, a 
step of inputting the password is provided, and only 
when the password included in the security information 
matches the password which was entered the release of 
security may be performed. 

[0085] In the above described embodiments of the 
present invention, the security information (a device 
identifier, an address information, a password, etc.) to 
be recorded in the security area may be encoded to 
enhance the secrecy. In this case, specific information 
for encoding is added to the security setup command, 
and the security information that are encoded in accord- 
ance with the information for encoding is recorded in the 
security area. 

[0086] Fig. 15 is a flowchart for the medium loading 
process performed when the security information is 
encoded. In Fig. 15, when the medium is inserted into a 
storage device at step S901, at step S902, the loading 
of the medium is initiated. At step S903, medium man- 
agement information is read, and at step S904, a check 
is performed to determine whether there is security 
information included in the medium information. 
[0087] When, at step S904, it is determined that no 
security information is included, the process advances 
to step S909, whereat the reading and the writing of 
data the medium are enabled. 
[0088] If, at step S904, it is determined that the secu- 
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rity information is included, at step S905 a check is per- 
formed to determine whether the security information is 
encoded. When the security information is encoded, at 
step S906, the security information is decoded. 
[0089] At step S907, the device identifier included in 5 
the security information is compared with the device 
identifier of the storage device into which the medium 
has currently been loaded to determine whether the two 
device identifiers match. When the device identifiers 
match, security is released and the process advances 10 
to step S909, whereat the reading and the writing of 
data to the medium are enabled. 
[0090] If, at step S907, the device identifiers do not 
match, the security is not released, and the reading 
data from and writing of data to the medium are inhib- 15 
ited (step S908). 

[0091 ] Fig. 1 6 is a flowchart for the medium loading 
process performed when the security information in Fig. 
15 includes a password. In Fig. 16, step S910 is added 
to the flowchart in Fig. 15. Specifically, when the secu- 20 
rity information is decoded at step S906, a password 
which is input is compared with a password included in 
the security information. When the two passwords do 
not match, the security is not released, and the reading 
and the writing of data to the medium are inhibited (step 25 
S908). 

[0092] When the passwords match, the process 
advances to step S907, whereat comparison of the 
device identifiers is performed as described above. 
[0093] For this process, the performance of steps 30 
S907 and S910, i.e., the comparison of passwords and 
the comparison of device identifiers, may be inverted. 
The execution sequence for the password comparison 
step and the device identifier comparison step can be 
arbitrarily set by the user, the maker or the retailer of a 35 
storage device, and such a setup can also be arbitrarily 
changed. 

[0094] The encoding of the security information is per- 
formed by using, for example, a DES algorithm or a sim- 
ple bit rearrangement process. The security information 40 
may be converted, for example, into ASCII, JIS, EDICI- 
BIC or ECU code before being recorded in the security 
area. 

[0095] In the above described embodiments of the 
present invention, the reading or the writing of data is 45 
permitted when device identifiers match. However, 
when the device identifiers do not match, either the 
reading or the writing of data may be permitted. 
[0096] Further, another preferred embodiments of the 
present invention will now be described. 
[0097] In the another preferred embodiments of the 
present invention, an additional security area is pro- 
vided in the medium information management area, and 
the security area has a medium identifier inherent to a 
medium, such as a serial number of the medium. And 55 
the medium identifier in the security area is recorded in 
the storage device. 

[0098] When the medium in which the medium identi- 



fier is recorded is inserted into a storage device, data 
reading/writing control is provided in accordance with 
the relationship between the medium identifier recorded 
in the storage device and the medium identifier of the 
medium. For example, only when the two identifiers 
match, the reading/writing of data is permitted. In other 
words, since a storage device whose medium identifier 
differs from that of the inserted medium inhibits the 
readingtoriting of data from/to the medium, the secrecy 
of data can be maintained. 

[0099] The writing in the storage device of the medium 
identifier is performed by the magneto-optical disk con- 
troller (ODC) 1 1 of a storage device in accordance with 
a security setup command received from a superior 
apparatus. 

[01 00] Fig. 1 7 is a flowchart for recording process of 
the medium identifier to the storage device. In Fig. 17, 
when the storage device receives a security setup com- 
mand at step S1 01 1 , a check is performed to determine 
whether the medium identifier is already recorded in the 
storage device at step S1012. Then, if already 
recorded, recorded medium identifier is compared with 
the medium identifier of the inserted medium at step 
1 01 3. In case that the two identifiers do not match, 
If not recorded yet, the process completed abnormally 
(stepS1019). 

[0101] If not recorded yet at step S1012, the medium 
identifier of the inserted medium is read by ODC 1>1 
(step S1014), and the read medium identifier is 
recorded in a memory area in the ODC 1 1 (step S1015). 
As described after, in case that security is set to a part 
of the data stored in the medium, an address informa- 
tion of the part of the data is recorded in the security 
area of the medium at step S1016. A mode of the stor- 
age device is changed to a mode designated by security 
setup command at step S101 7 and the process is com- 
pleted normally (step S1018). 
[0102] Fig. 18 is a flowchart for the security process 
performed by the storage device 1, according to an 
eighth embodiment of the present invention. The secu- 
rity process, which will be explained below, is performed 
by the magneto-optical disk controller (ODC) 11 of the 
storage device 1. 

[0103] In Fig. 18, Since steps S1101 to S1 105 corre- 
spond to steps S101 to S105 in Fig. 5, no explanation 
for them will be given. 

[01 04] At step S1 105, a check is performed to deter- 
mine whether the security area is in the initial state. If, at 
step S1 105, the medium identifier has been recorded in 
the security area, i.e., if the security level has been set, 
at step S1106, the medium identifier recorded in the 
storage device is compared with the medium identifier 
of the inserted medium in order to determine whether 
the two medium identifiers match. 
[0105] When the two medium identifiers match, the 
process then advances to step S1 108 and the security 
is released i.e. the reading/writing of the data from/to 
the medium is permitted (step S1 108). 
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[0106] When at step S1 106, the two medium identifi- 
ers do not match, the security is not released and the 
reading/writing of data is inhibited <step S1107). 
[0107] As described above, in this embodiment, the 
security area in which the medium identifier of the s 
medium provided in the security area is recorded in the 
storage device. When the medium is loaded into the 
storage device and when the medium identifier of the 
inserted medium does not match the medium identifier 
recorded in the storage device, the reading and writing 10 
of data is inhibited. Thus, even though the medium has 
been stolen, the secrecy of the data recorded in the 
medium can be maintained. 

[0108] Fig. 19 is a flowchart for the security process 
performed according to a ninth embodiment of the is 
present invention. In the ninth embodiment, the read 
address information is recorded in the above described 
parameter head. Since steps S1201 to S1205 in Fig. 19 
correspond to steps S201 to S205 in Fig. 8, no explana- 
tion for them will be given. 20 
[0109] If, at step S1205, the security information has 
been set, at step S1206, the medium identifier read 
from the storage device is compared with the medium 
identifier of the inserted medium to determine whether 
the two medium identifiers match. When the medium 25 
identifiers do not match, the process advances to step 
S1207 and when the two medium identifiers match, the 
process advances to step S1208. 
[0110] Since steps S1207 to S1211 in Fig. 19 corre- 
spond to steps S207 to S21 1 in Fig. 8, no explanation 30 
for them will be given. 

[0111] Fig. 20 is a flowchart showing the security 
process performed according to a tenth embodiment of 
the present invention. In this embodiment, the write 
address information is set in the parameter header. 35 
Since steps S1301 to S1305 in Fig. 20 correspond to 
steps S301 to S305 in Fig. 9, no explanation for them 
will be given. 

[0112] If, at step S1305, the security information has 
been set, at step S1306, the medium identifier read 40 
from the storage device is compared with the medium 
identifier of the inserted medium to determine whether 
the two medium identifiers match. When the medium 
identifies do not match, the process advances to stop 
S1307 and when the two medium identifiers match, the as 
process advances to step S1308. 
[01 1 3] Since steps S1307 to S1311 in Fig. 20 corre- 
spond to steps S307 to S311 in Fig. 9, no explanation 
for them will be given. 

[0114] Fig. 21 is a flowchart showing the security so 
process performed according to an eleventh embodi- 
ment of the present invention. In this embodiment, both 
the read address information and the write address 
information are set in the parameter header. Since 
steps S1401 to S1405 in Fig. 21 correspond to steps ss 
S401 to S405 in Fig. 10, no explanation for them will be 
given. 

[01 1 5] If, at step S1 405, the security information has 



been set, at step S1406, the medium identifier read 
from the storage device is compared with the medium 
identifier of the inserted medium to determine whether 
the two medium identifiers match. When the medium 
identifiers do not match, the process advances to step 
S1407, and when the two medium identifiers match, the 
process advances to step S1 408. 
[01 1 6] Since steps S1407 to S1 41 5 in Fig. 21 corre- 
spond to steps S407 to S415 in Fig.10, no explanation 
for them will be given. 

[01 1 7] Fig. 22 is a flowchart for the security process 
performed according to twelfth embodiment of the 
present invention. In this embodiment, as well as in the 
fifth embodiment, the security LBA is set when read 
address information is set. Since steps S1501 to S1505 
in Fig. 22 correspond to steps S1501 to S1505 in Fig. 
12, no explanation for them will be given. 
[0118] If, at step S1505, the security information has 
been set, at step S1506, the medium identifier read 
from the storage device is compared with the medium 
identifier of the inserted medium to determine whether 
the two medium identifiers match. When the medium 
identifiers do not match, the process advances to step 
S1507 and when the two medium identifiers match, the 
process advances to step S1 51 2. 
[01 1 9] Since steps S1 507 to S1 51 6 in Fig. 22 corre- 
spond to steps S507 to S516 in Rg.11, no explanation 
for them will be given. 

[0120] Fig. 23 is a flowchart for the security process 
performed according to a thirteenth embodiment of the 
present invention. In this embodiment, as well as in the 
sixth embodiment, the security LBA is set when the 
write address information is set. Since steps S1601 to 
S1605 in Fig. 23 correspond to steps S601 to S605 in 
Fig. 12, no explanation for them will be given. 
[0121] If, at step S1605, the security information has 
been set, at step S1606, the medium identifier read 
from the storage device is compared with the medium 
identifier of the inserted medium to determine whether 
the two medium identifiers match. When the medium 
identifiers do not match, the process advances to step 
S1607, and when the two medium identifiers match, the 
process advances to step S1612. 
[0122] Since steps S1607 to S1616 in Fig. 23 corre- 
spond to steps S607 to S616 in Fig.12, no explanation 
for them will be given. 

[01 23] Fig. 24 is a flowchart for the security process 
performed according to a fourteenth embodiment of the 
present invention. In this embodiment, as well as in the 
seventh embodiment, the security LBA is set when the 
read address information and the write address infor- 
mation are set. Since steps S1701 to S1705 in Fig. 24 
correspond to steps S701 to S705 in Fig. 13, no expla- 
nation for them will be given. 
[0124] If, at step S1705, the security information has 
been set, at step S1706, the medium identifier read 
from the storage device is compared with the medium 
identifier of the inserted medium in order to determine 
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whether the two medium identifiers match. When the 
medium identifiers do not match, the process advances 
to step S707 and when the two medium identifiers 
match, the process advances to step S71 2. 
[01 25] Since steps S1 707 to S1 720 in Fig. 24 corre- 5 
spond to steps S707 to S720 in Fig. 13, no explanation 
for them will be given. 

[0126] Fig. 25 is a flowchart for the security release 
process performed to release the security setup state in 
the another preferred embodiments. 10 
[0127] Since steps S1801 to S1803 in Fig. 25 corre- 
spond to steps S801 to S803 in Fig. 14, no explanation 
for them will be given. 

[0128] When security information has been recorded 
in the security area at step S1803, the process 15 
advances to step S1804, whereat the medium identifier 
recorded in the storage device is compared with the 
medium identifier of the inserted medium. When the two 
medium identifiers match, a predetermined initial value 
is recorded in the security area to return the area to the 20 
initial state (to initialize the area) (step S1805). 
[0129] When the medium identifiers do not match, or 
when no security information is recorded in the security 
area, the security release process is not performed. 
[0130] In the above described another embodiments 25 
of the present invention, the security information (a 
medium identifier, an address information, a password, 
etc.) to be recorded in the security area may be 
encoded to enhance the secrecy. In this case, informa- 
tion for encoding are added to the security setup com- 30 
mand, and the security information that is encoded in 
accordance with the , information for encoding are 
recorded in the security area. 
[0131] Fig. 26 is a flowchart for the medium loading 
process performed when security information is 35 
encoded. In Fig. 26, Since steps S1901 to S1806 in Fig. 
26 correspond to steps S901 to S906 in Fig. 15, no 
explanation for them will be given. 
[0132] At step S1 907, the medium identifier recorded 
in the storage device is compared with the medium 40 
identifier of the inserted medium to determine whether 
the two medium identifiers match. When the medium 
identifiers match, security is released and the process 
advances to step S1909, whereat the reading and the 
writing of data to the medium are enabled. 45 
[01 33] If, at step S1 907, the medium identifiers do not 
match, security is not released, and the reading data 
from and writing of data to the medium are inhibited 
(step S1 908). 

[0134] Fig. 27 is a flowchart for the medium loading so 
process performed when the security information 
includes a password in Fig. 26. In Fig. 27, step S1910 is 
added to the flowchart in Fig. 26. Specifically, when the 
security information is decoded at step S1906, a pass- 
word which is input is compared with a password 55 
included in the security information. When the two pass- 
words do not match, the security is not released, and 
the reading and the writing of data to the medium are 



inhibited (step S1908). When thepasswords match, the 
process advances to step S1907, whereat comparison 
of the medium identifiers is performed as described 
above. 

[0135] As is described above, according to the 
present invention, a security area is provided for a 
medium information management area on a medium, 
such as a magneto-optical disk, and a device identifier 
inherent to a storage device is recorded in the security 
area. When such a medium is inserted into a storage 
device, the device identifier recorded in the medium is 
compared with the device identifier of the storage 
device, and when the device identifiers do not match, 
accessing the data on the medium is inhibited. As a 
result, the data secrecy is ensured. 
[0136] Further a medium identifier inherent to a 
medium is recorded in the storage device. When such a 
medium is inserted into a storage device, the medium 
identifier recorded in the storage device is compared 
with the medium identifier of the inserted medium, and 
when the medium identifiers do hot match, accessing 
the data on the medium is inhibited. As a result, the data 
secrecy is ensured. 

[0137] The present invention may be embodied in 
other specific forms without departing from the spirit or 
essential characteristics thereof. The present embodi- 
ment is therefore to be considered in all respects as 
illustrative and not restrictive, the scope of the invention 
being indicated by the appended claims rather than by 
foregoing description and all change which come within 
the meaning and range of equivalency of the claims are 
therefore intended to be embraced therein. 

Claims 

1 . A data storage device which reads data from and/or 
writes data to a memory medium, comprising: 

a storage unit for storing a first identifier; 
an identifier acquisition unit for acquiring a sec- 
ond identifier recorded in a memory medium 
which is set to said data storage device; and 
a controller for comparing said first identifier 
with said second identifier, and controlling to 
access to said memory medium for data read- 
ing and/or writing according to a relationship 
between said first identifier and said second 
identifier. 

2. The data storage device according to claim 1, 
wherein said identifier identifies a data storage 
device. 

3. The data storage device according to claim 2, 
wherein said identifier is a serial number of a data 
storage device. 

4. The data storage device according to claim 1, 
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wherein said identifier identifies a memory medium. 

5. The data storage device according to claim 4, 
wherein said identifier is a serial number of a mem- 
ory medium. s 

6. The data storage device according to claim 1, 
wherein said controller permits or inhibits the read- 
ing of data and/or the writing of data in accordance 
with a result obtained by the comparison of said first 10 
identifier and said second identifier. 

7. The data storage device according to claim 1, 
wherein said memory medium includes read 
address information to be used to control data read- 1$ 
ing, and said controller permits or inhibits the read- 
ing of data in accordance with said read address 
information and a result obtained by the compari- 
son of said first identifier and said second identifier. 

20 

8. The data storage device according to claim 1 , 
wherein said memory medium includes write 
address information to be used to control data writ- 
ing, and said controller permits or inhibits the writ- 
ing of data in accordance with said write address 25 
information and a result obtained by the compari- 
son of said first identifier and said second identifier. 

9. A data storage device which reads data from and/or 
writes data to a memory medium by designating 30 
first address information, comprising: 



10. The data storage device according to claim 9, so 
wherein said memory medium includes read 
address information to be used to control data read- 
ing, and said controller permits or inhibits the read- 
ing of data in accordance with said read address 
information, a result obtained by the comparison of ss 
said first identifier and said second identifier and a 
result obtained by the comparison of said first 
address information and said second address infor- 



mation. 

11. The data storage device according to claim 9, 
wherein said memory medium includes write 
address information to be used to control data writ- 
ing, and said controller permits or inhibits the writ- 
ing of data in accordance with said write address 
information, a result obtained by the comparison of 
said first identifier and said second identifier and a 
result obtained by the comparison of said first 
address information and said second address infor- 
mation. 

12. The data storage device according to claim 1, 
wherein said memory medium includes a pass- 
word, and said controller permits or inhibits the 
reading of data and/a the writing of data in accord- 
ance with determination of said password and a 
result obtained by the comparison of said first iden- 
tifier and said second identifier. 

13. The data storage device according to claim 1, 
wherein said memory medium is one of writable 
memory media as a magnetic disk, a floppy disk, an 
optical disk, a magneto-optical disk and a phase 
change optical disk 

14. A method for controlling a data storage device 
which reads data from and/or writes data to a mem- 
ory medium by designating first address informa- 
tion, comprising the steps of: 

acquiring a first identifier stored in said data 
storage device; 

acquiring a second identifier recorded on said 
memory medium which is set to said data stor- 
age device; 

acquiring said first address information; 
acquiring second address information recorded 
on said memory medium; 
comparing said first identifier with said second 
identifier and said first address information with 
said second address information; and 
controlling to access to said memory medium 
for reading of data and/or writing of data 
according to a relationship between said first 
identifier and said second identifier to permit 
access a relationship between said first 
address information and said second address 
information. 

15. The control method according to claim 14, wherein 
said memory medium includes read address infor- 
mation to be used to control data reading, and in 
said step of controlling, and the reading of data is 
permitted or inhibited in accordance with said read 
address information, a result obtained by the com- 
parison of said first identifier and said second iden- 



a storage unit for storing a first identifier; 
an identifier acquisition unit for acquiring a sec- 
ond identifier recorded in a memory medium 35 
which is set to said data storage device; 
an address information acquisition unit for 
acquiring second address information recorded 
in said memory medium; and 
a controller for comparing said first identifier 40 
with said second identifier and said first 
address information with said second address 
information, and controlling to access to said 
memory medium for data reading and/or writ- 
ing according to a relationship between said 45 
first identifier and said second identifier and a 
relationship between said first address infor- 
mation and said second address information. 
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tifier and a result obtained by the comparison of 
said first address information and said second 
address information. 

1 6. The control method according to claim 1 4, wherein s 
said memory medium includes write address infor- 
mation to be used to control data writing, and in 
said step of controlling, and the writing of data is 
permitted or inhibited in accordance with said write 
address information ,a result obtained by the com- 10 
parison of said first identifier and said second iden- 
tifier and a result obtained by the comparison of 
said first address information and said second 
address information. 

15 

17. The control method according to claim 14, wherein 
said memory medium Includes a password, and in 
said step of controlling, the reading of data and/or 
the writing of data is permitted or inhibited in 
accordance with determination of said password 20 
and a result obtained by the comparison of said first 
identifier and said second identifier. 

18. The control method according to claim 14, further 
comprising the step of recording said second iden- 25 
tifier in said predetermined area on said memory 
medium based on a designated setup command. 

19. The control method according to claim 14, further 
comprising the step of recording said second 30 
address information in said predetermined area on 
said memory medium. 

20. The control method according to claim 18, further 
comprising the step of encoding the second identi- 35 
fier to be recorded in said predetermined area on 
said memory medium. 

21. The control method according to claim 18, wherein 
said setup command is an initializing command for 40 
initializing said memory medium or a specific com- 
mand provided to record. 

22. The control method according to claim 18, wherein 
said predetermined area is initialized to release the 45 
setup for said predetermined area. 

23. The control method according to claim 18, wherein 
said predetermined area on said memory medium 

is a medium information management area estab- so 
lished apart from a data area on said memory 
medium. 

24. The control method according to claim 14, wherein 
said memory medium is one of writable memory 55 
media as a magnetic disk, a floppy disk, an optical 
disk, a magneto-optical disk and a phase change 
optical disk. 
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